Thread Flags in the KTHREAD

Reorganisation of the KTHREAD for the build of version 5.2 from Windows Server 2003 SP1, presumably in anticipation of 64-bit Windows, seems to have been very concerned about economy of space. A notable feature of that build is that it moves numerous small KTHREAD members into “spare” space in larger members. Perhaps as part of this exercise, this build also made bit fields of what had been two booleans. Later versions brought more booleans from the KTHREAD, and even a ULONG, and also moved bits to and from another set of flags.

The ThreadFlags member, which is an integral type for simultaneous access to all the bits described below, was first placed within the Timer member, using space that the KTIMER structure left undefined because of its 8-byte alignment in 64-bit builds. A reworking of the KTIMER for version 6.1 removed the saving and the ThreadFlags merely followed the Timer. Version 6.2 moved the ThreadFlags forward in the KTHREAD, and they have remained there since.

Type Version Offset (x86) Offset (x64)
LONG 5.2 from Windows Server 2003 SP1 and higher 0xA0 0xF4
LONG volatile 6.0 0xB0 0xF4
6.1 0xB8 0x0100
6.2 and higher 0x5C 0x78

Note that the ThreadFlags, as the integral type, are volatile in version 6.0 and higher. Versions 6.0 and 6.1 have the individual bit fields as volatile too.

Bit Fields

Mask Definition Versions History
0x00000001
LONG AutoAlignment : 1;
late 5.2 only previously BOOLEAN
ULONG AutoAlignment : 1;
v. late 5.2 only  
ULONG volatile AutoAlignment : 1;
6.0 to 6.1  
ULONG AutoAlignment : 1;
6.2 and higher  
0x00000002
LONG DisableBoost : 1;
late 5.2 only previously BOOLEAN
ULONG DisableBoost : 1;
v. late 5.2 only  
ULONG volatile DisableBoost : 1;
6.0 to 6.1  
ULONG DisableBoost : 1;
6.2 and higher  
0x00000004
ULONG volatile EtwStackTraceApc1Inserted : 1;
6.0 to 6.1 widened, see below
ULONG UserAffinitySet : 1;
6.2 to 6.3  
ULONG ThreadFlagsSpare0 : 1;
10.0 and higher  
0x00000008
ULONG volatile EtwStackTraceApc2Inserted : 1;
6.0 to 6.1 widened, see below
ULONG AlertedByThreadId : 1;
6.2 and higher  
0x00000010
ULONG volatile CycleChargePending : 1;
6.0 only  
0x00000020 (6.0);
0x00000010
ULONG volatile CalloutActive : 1;
6.0 to 6.1 previously BOOLEAN;
next in MiscFlags
ULONG QuantumDonation : 1;
6.2 and higher  
0x00000040 (6.0);
0x00000020
ULONG volatile ApcQueueable : 1;
6.0 to 6.1 previously BOOLEAN;
next in MiscFlags
0x00000080 (6.0);
0x00000040 (6.1);
0x00000020
ULONG volatile EnableStackSwap : 1;
6.0 to 6.1 previously BOOLEAN
ULONG EnableStackSwap : 1;
6.2 and higher  
0x00000004 (v. late 5.2);
0x00000100 (6.0);
0x00000080 (6.1);
0x00000040
ULONG GuiThread : 1;
v. late 5.2 only  
ULONG volatile GuiThread : 1;
6.0 to 6.1  
ULONG GuiThread : 1;
6.2 and higher  
0x00000100 (6.1)
ULONG volatile UmsPerformingSyscall : 1;
6.1 only next in MiscFlags
0x00000080
ULONG DisableQuantum : 1;
6.2 and higher  
0x00000100
ULONG ChargeOnlyGroup : 1;
6.2 only  
ULONG ChargeOnlySchedulingGroup : 1;
6.3 and higher  
0x00000200
ULONG DeferPreemption : 1;
6.2 and higher  
0x00000400
ULONG QueueDeferPreemption : 1;
6.2 and higher  
0x00000800
ULONG ForceDeferSchedule : 1;
6.2 and higher previously in MiscFlags
0x00001000
ULONG ExplicitIdealProcessor : 1;
6.2 only  
ULONG SharedReadyQueueAffinity : 1;
6.3 and higher  
0x00002000
ULONG FreezeCount : 1;
6.2 and higher previously ULONG
0x00004000
ULONG TerminationApcRequest : 1;
6.3 and higher  
0x00008000
ULONG AutoBoostEntriesExhausted : 1;
6.3 and higher  
0x00010000
ULONG KernelStackResident : 1;
10.0 and higher previously in MiscFlags
0x00020000
ULONG CommitFailTerminateRequest : 1;
10.0 and higher  
0x00040000
ULONG ProcessStackCountDecrement : 1;
10.0 and higher  
 
ULONG ThreadFlagsSpare : 5;
10.0 and higher  
0x003FC000 (6.2);
0x00FF0000 (6.3);
0xFF000000
ULONG EtwStackTraceApcInserted : 8;
6.2 and higher collected from two single bits, see above
 
LONG ReservedFlags : 30;
late 5.2 only  
ULONG ReservedFlags : 29;
v. late 5.2 only  
ULONG volatile ReservedFlags : 23;
6.0 to 6.1  
ULONG ReservedFlags : 10;
6.2 only  
ULONG ReservedFlags : 8;
6.3 only